For all of Java's authentication/security API's, there is actually no way of verifying a user's password with the underlying operating system. Shaj is a simple Java library that allows your Java app to verify users with the underlying operating system. Shaj also allows you to check group membership.

Shaj is not an authenication library; it's not a replacement for JAAS, which can use an underlying operating system to authenticate and authorize users as well via the various operating system-specific modules. It's meant for simple validation purposes.

Shaj currently supports Windows and Unix (PAM), and comes with pre-compiled JNI libraries for win32, Linux, Mac OS-X and Solaris. Shaj should work on Java 1.2+ JVM's. Shaj is written in C and Java.

This sounds like a fantastic feature, my question is: Under Apache 2.0 License, if I incorporate this library into my code, does my application now become subject to Apache 2.0 License or do I just need to include the materials to uphold the Apache license for Shaj?

If using Shaj doesn't interfere with how I license my own product, that sounds great.

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations technology projects - with its network of technology-specific websites, events and online magazines.